General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 293 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 970 Views
  • 0 replies
  • 0 Likes

Best Practise for Scheduling Dynamic Updates

We want to schedule dyanmic updates , we dont have test environment.

 

we can schedule updates on satellite offices then after 2 days to be installed on hub sites.

 

prb is if new application traffic hits it will be denied by hub as that application woul

...

Resolved! Bringing up all interfaces in ESXI enviroment

Hi,

 

I followed the docs when setting up a Palo Alto in an ESXI environment. I created 9 port groups for the device and connected each interface on the Palo Alto to one of them. When the Palo Alto came up all of the interfaces as not configured. If I

...

golariu by L1 Bithead
  • 3024 Views
  • 2 replies
  • 0 Likes

Import existing config into Panorama woes

We have a handful of standalone PAs that we want to import into Panorama.   However in our first interation it failed with the following errors and I am not sure why.  The entire process isn't made clear to me either via PA (like a lot of their stuff

...

pan-post.JPG
drewdown by L4 Transporter
  • 5717 Views
  • 2 replies
  • 0 Likes

Resolved! Downloading PAN-DB via Panorama

Hi team,

 

I've had a customer inquire about downloading PAN-DB on their firewalls via the use of their Panorama, problem is I can't find any documentation that would cover this.

 

The use case of this would be for a deployment that is completely offline

...

Lauchlan by L0 Member
  • 5780 Views
  • 2 replies
  • 0 Likes

How do I test ransamware myself ?

Hello, everyone of the specialist

I plan to settings for wannacry in the Pan-OS 8.1
I want to check in advance that the settings will work

But I can't have a real wannacry on my PC
So I'm worried about how to prepare a fake wannacry

Do you have a good ide
...

awawa100 by L2 Linker
  • 3638 Views
  • 3 replies
  • 0 Likes

Resolved! Using PA220 as a "switch"

Hey all, i got a question that im not sure how to solve.

This is my setup/what i want to do do.

 

I got a L3 internet line on Ethernet1

On eth2 i got a CAT2960L with vlans 10 and 20.

On eth3 i got a CAT2960L with vlans 10 and 20.

 

I got 2 2802i with mobili

...

holten by L1 Bithead
  • 6401 Views
  • 4 replies
  • 0 Likes

SSL certificate expiring soon

I have a wildcard cert issued by godaddy which I use for inbound decryption on approx 10 dmz servers. it is set to expire soon and we've got a new cert. how can I seamlessly import it and not break the client connections as my server admins servers 

...

Can't commit in Panorama 8.1.4

Trying to add a new firewall into panorama, Im simply adding the serial number to the manageded devices and when I try to commit I get the following:

 

Validation Error:
deviceconfig -> system -> panorama-server constraints failed : Panorama server addr

...

Captive portal is not working on Chrome browser only

Hi Team

 

In my premise we have more than 200 machines, In all of the machine Captive portal is not working on chrome browser only but its working fine on IE and firefox browser.

 

Its not seems like browser issue. Something related to PA firewall. 

 

Plea

...

Dynamic DNS and an SSL cert

How can I use dynamic DNS and SSL cert on the outside interface of the palo alto for global protect?

 

I do not have a problem paying for something but I figured there is a way. I do not have a "server" at my home that is always on so I would need the

...

Application incomplete or Non Applicable

I have seen this so many times and I am wondering who you deal with it efficiently when making a rule. 

 

I see a standard port of like 443 or 8080 but with a rule that has application defined as SSL or web-browsing it doesn't hit the rule due to the a

...

Pa220 problem with random reboot

We are having 2 x PA220 with latest software and they are rebooting when we are using web management. I am fustrated, I opened support ticket (own premium support) and I have two options; to downgrade to 8.1.x  or wait 2 months for bug fix (HTTPd pro

...

Resolved! Test TLD

We block the "unknown" category in web browsing. This recently became an issue when an application needed to be accessed by its IP address. If the user hacked his HOSTS file to set the name test.test.test to that IP address, he was able to get to the

...

testtesttest.PNG

Palo Alto interfaces configuration

Tell me, please, if the device is not registered on the portal, will the firewall work? I connected PA-220 with PA-820 by patch-cord, but in the CLI I don't see the MAC addresses on these ports. Addresses from the same subnet.

PA-220 Eth 1/1 config:

PA

...

pa220.JPG
pa820.JPG
  • 24036 Posts
  • 115 Subscriptions
Top Liked Authors
Labels